Greetings,
I am an IT staff member, and a member of our institution has requested installation of the Synapse software to download data. We have a very strict firewall policy here. I can request rule changes for specific external hosts and ports. I assume that all transactions occur via https, which simplifies the port issue (443). However, I need to know the names of all hosts that may be accessed.
I found forum article https://www.synapse.org/#!Synapse:syn5637528/discussion/threadId=6787 which mentions https://repo-prod.prod.sagebase.org/
Is this the only host that a user here ever would contact, or could other hosts be contacted?
From what I have read in the online documentation, my impression is that Synapse is a distributed or federated data repository, meaning that the potential set of hosts to contact is large and unbounded. However, I could be mistaken. Can somebody expand on this matter for me?
Does any kind of data flow diagram for Synapse exist? If so, where can I find it?
Regards,
Eric
Created by Eric Sisson emsisson We are happy to help. The Synapse hosts are `www.synapse.org` and `repo-prod.prod.sagebase.org`. But whitelisting those hosts will not be sufficient.
> From what I have read in the online documentation, my impression is that Synapse is a distributed or federated data repository, meaning that the potential set of hosts to contact is large and unbounded. However, I could be mistaken. Can somebody expand on this matter for me?
Synapse is a federated data store and the client software (web browser or other software package) running at your site would have to access the data store containing the data of interest to your analysts. By default the data in Synapse are stored in an AWS S3 (in the us-east-1 region) and, in some cases, served through AWS CloudFront. To access S3 you would whitelist, `s3.us-east-1.amazonaws.com`. To access CloudFront you would whitelist `data.prod.sagebase.org`, which is the domain we use with that service. Some Synapse projects use custom S3 buckets or Google Cloud buckets with different host names. Also, Sage Bionetworks also provides community-specific portals, like `https://adknowledgeportal.synapse.org` which is an alternative entry point to `www.synapse.org`. So the exact list of hosts to whitelist would depend on the interests of your analysts.